secshad0w1 @TechRubin
Cyber Security Gujarat, India Joined February 2018-
Tweets255
-
Followers15
-
Following287
-
Likes138
A fun NoSQL vuln that caused DOS: I sent a PUT request of {"field":"last_name","value":{"$ne":null}} which persisted and crashed the Teams/Admin UI for all users within the organization LOL #bugbounty #infosec Normal request body was: {"field":"last_name","value":"mason"}…
2015: - Clash of Clans - Subway Surfers - Pokémon - Shadow fight 2 2019: - PUBG - Minecraft - Fortnite - GTA V 2025: - X - GitHub - VS Code - ChatGPT - Cursor
Tip: When testing, try injecting a null byte (\u0000) into unexpected parameters. You never know how the backend will handle it — sometimes a small injection can completely break features like the invitation system. #BugBounty #BugBountytips #Hacking #Cybersecurity
Have you checked out @hadriansecurity's subwiz? It's a recon tool that uses ML to predict and resolve subdomains👇
New Hackyx Version 🚀🚀 hackyx.io - AI Search Mode - New dashboard to manage content - Automatically fetch new write-ups, bug reports and articles - RSS feed crawler - A queue system to handle jobs - Content with embeddings for better search - Filtered content to…
This email domain confusion technique from @garethheyes is so cool! Some really weird behavior can be found between different mail agents and the right characters/symbols 🤔
Sometimes you can control the href value in HTML tag<a>. So it's a good place for XSS payload! We've created a scheme how to use various encodings in href to bypass filters. gist.github.com/hackerscrolls/… @XssPayloads #BugBountyTip #Bypass
I'm thrilled to finally share my research on HTML parsing and DOMPurify at @grehack 2024 📜 The research article is available here: mizu.re/post/exploring… The slides are available here: slides.com/kevin-mizu/gre… 1/3
@NahamSec Pick a niche, become an expert, find bugs maybe even 0days or reverse n-days, and write blogs. Even if you don’t hit those $100k bounties, it’ll be a stepping stone toward a $100k job. What niche? How to pick? Examples? infosec being so vast from web3 sec to web2, mobile,…
🚀🚀Launched Reverse JS Search in jsmon.sh today!! Let's say you want to know, an IP address 10.0.0.1 is in how many JS urls? Or, a particular hostname, api path, email or a GQL query is present in which JS urls? Here's how you can do this!!
Daily Notes : Day 86 Content Security Policy Bypasses - Part 1 1. Unsafe Inline Content-Security-Policy: script-src google.com 'unsafe-inline'; Working payload: "/><script>alert(1);</script> 2. Unsafe Eval Content-Security-Policy: script-src…
I just published my new tool DirDar; DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it Link on Github: github.com/M4DM0e/DirDar credit: @M4dM0e #bugbountytips #bugs #Hackerone #BugCrowd #hackingnews
People start with 3 LPA and reach 30. People start with sharing a room in an apartment to living alone in a 2bhk. People start with nominal English sentences to being fluent. People start with being camera shy to being great creators. People start with ordering food online with…
After a few months of reviewing the latest PWK course, I have decided to refactor my list to create a new list of VM's for those who are preparing for the PWK/OSCP. Here is the link to see the new list: docs.google.com/spreadsheets/d…
My first blog post! It's about CVE-2023-4369, a $10,000 bug I found in ChromeOS in July. The bug used a chrome:// URL XSS to allow Chrome extensions to execute privileged code and read/edit downloaded files without user interaction. 👀 0x44.xyz/blog/cve-2023-…
🔒Sharing more secrets - It's 2023, and CSRF issues are far from extinct. In fact, I've discovered and reported 100+ CSRF vulnerabilities this year, raking in five figures $$$$$!💰 🚀 My top 5 CSRF bypass techniques and their secrets to success: 1️⃣ Swap "POST" with "GET":…
Never expect anything after reporting a bug. Unmet expectations lead to frustration which might eventually lead to burnout. #bugbountytips
DOM based XSS Recently I was able to find a DOM based XSS, This vulnerability usually arise when JavaScript takes data from an attacker-controllable source. Thread 🧵 #bugbountytips #domxss #xss
I along with @aszx87410 was recently able to find an interesting case of a DOM based xss in figma.com Sharing the details in this writeup as the bug is fixed now github.com/Sudistark/xss-…
here is my writeup of 8 account takeovers method 0xmaruf.medium.com/firing-8-accou… #infosec #bugbountytips #bugbounty #cybersecuritytips
Gretchen @g_roussel28
168 Followers 3K Following
ElsiePullan @xSQ7U432NNPy7tH
49 Followers 3K Following
octodi @0ctodi
7 Followers 162 Following
Lisa @lisamatthews59
303 Followers 3K Following
Karen @karen_morin_
495 Followers 3K Following
Rakesh Kirola @rakesh_2311
215 Followers 2K Following Learner | Cricket lover | eWPT | eMAPT | CAP. Views are personal. RT's are not endorsements!!
نواف الحربي @nawaff_alharbii
48 Followers 477 Following
Hardik Rathod ⚡ @imhardikrathod
312 Followers 1K Following Penetration Tester | Bug Bounty Hunter | CTF Player | Intigriti | Detectify | Yogosha | CVE-2022-2775
Aaditya.ai 🤖 @itstheaadii
1K Followers 3K Following 23 | Learner | AI Agents | Gen AI | Automation | Startups | Community Builder | Open-source | RAG | AI Researcher | Artist by choice, Engineer by default🤓
Marmik Singhania @MarmikSinghania
54 Followers 662 Following
GrowfSec @GrowfSec
237 Followers 5K Following Chief Disinformation Officer. Unemployed, views are exclusively my own and not my non-existent employer.
Kalpesh Jha @jha_kalpesh
107 Followers 395 Following web app pen-testing/bug bounty hunter/ Security infosec
DHARA SHAH.🦋 @iamds9
96 Followers 590 Following
Blaklis @Blaklis_
12K Followers 69 Following Security researcher - my researchs will be on https://t.co/2PnyCvqAIm Mostly inactive, soon replicated from BSKY.
Brute Logic @BRuteLogic
63K Followers 280 Following #CyberSecurity | #XSS #SQLi #SSRF | #WAF #bypass | #hack2learn | @RodoAssis | @KN0X55 | https://t.co/SIanVGfIHN | https://t.co/GyZaXU7FX9
ProjectDiscovery @pdiscoveryio
38K Followers 132 Following Detect real, exploitable vulnerabilities. Harness the power of Nuclei for fast and accurate findings without false positives.
Gunnar Andrews @G0LDEN_infosec
5K Followers 919 Following Hack Stuff | Code Stuff | Fitness | Kaizen OSCP | OSWA | OSWE https://t.co/4lgaVGZxd0 https://t.co/db6Gmb2ImT https://t.co/uY8NkPXaqA
D3k0w 🇰🇪 @d3q0w
362 Followers 82 Following just a guy with a laptop | Football as hobby | Security Researcher |
Ynoof @YnoofAssiri
2K Followers 956 Following 🇾🇪 🇵🇸 🇪🇬 || https://t.co/hWlG50y2rH https://t.co/APE1ZQzOy8 https://t.co/Ih7QCur7lE
Thomas Millar @thmsmlr
10K Followers 2K Following Follow me for Elixir stuff ⬩ @AnthropicAI prev @stitchfix_algo @uwaterloo instructor_ex ⬩ https://t.co/lQneGN7LAy ⬩ https://t.co/qziuESZ7hd
Masonhck357 @Masonhck3571
16K Followers 790 Following 🔍 Top 100 Bug Bounty Hunter @ Bugcrowd | 🇩🇴 Dominican | Ethical hacking fanatic | 🎮🎵 Lover | Keeping the digital world safe. opinions are that of my own
Youssef Sammouda (sam... @samm0uda
37K Followers 531 Following Hacker, bug bounty hunter, guy behind https://t.co/TBAtP71Cop. 1st in Meta bug bounty program for the last 6 years. YES Team Member
Chavda Zeel @ChavdaZeel
620 Followers 4K Following Pentester | @synack | Web Security | Learner | My tweets are my own
zonduu @zonduu1
5K Followers 262 Following Hacking the Planet! - Full-time bug bounty hacker 🇦🇷 https://t.co/dMI1g4s8Gv
mem0 @mem0ai
12K Followers 13 Following The Memory Layer for your AI apps. Backed by @ycombinator. Open source: https://t.co/HqLHhUMmAf
PlexTrac @PlexTrac
2K Followers 828 Following #1 AI-Powered Pentest and Vulnerability Data Management Platform 💥 https://t.co/Qte4s76bGr
XSS Report @XssReport
829 Followers 134 Following The official X account for the https://t.co/aVdNMc0ZRW project. Please use the link on the website as a contact
Barracks @BarracksArmy
286 Followers 39 Following Beyond the lab rut. Barracks forges hyper-realistic WarZones mirroring appsec chaos. Adapt. Report. Thrive. Build skills that cash actual checks.
Paku @ItPaku
85 Followers 253 Following जय श्री राम 🙇🏻♂️🚩. Cybersecurity Student | Learning and Exploring the World of Security.
Sicarius @ElS1carius
2K Followers 261 Following Pentester, Web specialized 🪲 Top 30 YesWeHack https://t.co/bJ2s5TWqYf Check my website if you're bored https://t.co/tdzCTEUbuO :)
Umesh Khanna 🇨🇦... @forwarddeploy
2K Followers 2K Following 2x Founder | 👼 forward deployed angels | @a16z | 🎓 alum @uwaterloo @kp_fellows
0x6c75696a616974 @luijait_
19K Followers 963 Following Instagram: luijait | Apasionado de la tecnología desde corta edad | Software/AI/ML Engineer & Researcher | Hacker | PERSONAL ACCOUNT AND OPINION RL
ashish_r_padelkar @engi_arp
2K Followers 116 Following Bug Bounties, HackerOne Top 25 Worldwide. Follow me on Insta ashishrpadelkar
511Ontario @511Ontario
113K Followers 186 Following An official account of the Ministry of Transportation. Traveller info for Ontario's provincial hwys. TOU: https://t.co/bETWt7Chut Fr: @Ontario511
Michael Skelton @codingo_
42K Followers 755 Following VP of Operations @bugcrowd, Hacking Content @ https://t.co/Ov3ZXfNg5P tools @ https://t.co/4X3ot71JLf @SecTalks_GC & @BSidesGC co-organiser
Zeeshan Khalid @z33_5h4n
2K Followers 100 Following Ethical Hacker, Web Application Security Researcher & Web Programmer.
Copperx @CopperxHQ
6K Followers 216 Following Stablecoin banking for businesses. Looking for a stablecoin checkout? visit @CopperxCheckout
Jinay Patel @0_0eth0
798 Followers 120 Following Looking at the burp history & analyzing | InfoSec | Hacker | An semi-active member at @Hacker0x01 | Securing IoMT Devices | BLR🔁AMD | Views are my own
shubs @infosec_au
56K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnote
Aditi Singh @aditi_singghh
13K Followers 757 Following Bug Bounty Hunter | Cyber security Researcher
xploiterr @_xploiterr
2K Followers 941 Following Let everything happen to you, just keep going… like she said. ✍️ Write-ups → https://t.co/2ki4J3756e
HackerOne @Hacker0x01
327K Followers 3K Following The only official HackerOne Twitter account. A global leader in offensive security solutions. #HackForGood #togetherwehitharder
Arpit Borawake @_venom26
821 Followers 929 Following Ethical Hacker and Bug Bounty Hunter. Hacker @hadriansecurity
Deedy @deedydas
209K Followers 5K Following Partner @MenloVentures. Formerly founding team @glean, @Google Search. @Cornell CS. Tweets about tech, immigration, India, fitness and search.
Shreyas Chavhan @shreyas_chavhan
6K Followers 390 Following Semi-Consciously simplifying bug bounties for myself and others | Slaying Bugs Full Time with My Nichirin Sword (aka Burp) since Aug 2023 | INFJ
XBOW @Xbow
10K Followers 6 Following Bringing AI to offensive security by autonomously finding and exploiting web vulnerabilities. Watch XBOW hack things: https://t.co/D5Mco1u8zM
Synack Red Team @SynackRedTeam
49K Followers 621 Following The power behind the @Synack platform is an elite team of the world's top cybersecurity researchers. Our best are honored at https://t.co/6bEAyp7HWJ
Hacktron AI @HacktronAI
2K Followers 7 Following Hacktron is an autonomous vulnerability hunter for ambitious engineering teams. Built by world-class security researchers. Powered by one principle: PoC || GTFO
Avanish Pathak @avanish46
7K Followers 508 Following Red Team Security Consultant | Lead Pentester @Cobalt_io |Trends for United States
You might like
